mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

block/crypto: disallow write sharing by default

Browse Source 
My commit 'block/crypto: implement the encryption key management'
accidently allowed raw luks images to be shared between different
qemu processes without share-rw=on explicit override.
Fix that.

Fixes: bbfdae91fb ("block/crypto: implement the encryption key management")
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1857490

Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Message-Id: <20200719122059.59843-2-mlevitsk@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
This commit is contained in:
Maxim Levitsky 2020-07-19 15:20:58 +03:00 committed by Max Reitz
parent af3d69058e
commit 662d0c5392
1 changed files with 1 additions and 1 deletions

2
block/crypto.c

@ -881,7 +881,7 @@ block_crypto_child_perms(BlockDriverState *bs, BdrvChild *c,
* For backward compatibility, manually share the write * For backward compatibility, manually share the write
* and resize permission * and resize permission
*/ */
*nshared |= (BLK_PERM_WRITE | BLK_PERM_RESIZE); *nshared |= shared & (BLK_PERM_WRITE | BLK_PERM_RESIZE);
/* /*
* Since we are not fully a format driver, don't always request * Since we are not fully a format driver, don't always request
* the read/resize permission but only when explicitly * the read/resize permission but only when explicitly